Using label-based access control (LBAC) to strengthen data privacy
LBAC implements data safety to a higher level of granularity. In many organizations, there are requirements that stipulate that sensitive data will not be visible to anyone but nominated persons. Another problem that may arise regarding visibility is that users with authorities such as SYSADM, DBADM, and DATAACCES have read access on all tables within the database. By defining security policies, labels, and components that are part of LBAC, access to sensitive data can be greatly restricted. In the past, this was implemented by creating custom views and stored procedures. However, this method did not solve the entire table access problem for database administrators.
Getting ready…
In this recipe, we'll create five new users with control privilege on table navaid within the NAV schema.
We will divide this recipe in a way that will cover every LBAC object being created, step-by-step. Next, we'll apply LBAC securitization on...
